Specify Internet routing information to routed
/etc/gateways
The /etc/gateways file identifies gateways for the routed daemon.
Typically, the routed daemon queries the network and builds routing tables
based on the routing information transmitted by other hosts that are directly connected to the network.
Gateways that the daemon can't identify through its queries (also called distant gateways)
may be identified in this file.
When the routed daemon starts, it reads this file to:
- find distant gateways which may not be located using only the information from a routing socket
- discover if some of the local gateways are passive
- obtain other parameters (see
"Other parameter settings").
Gateways must be marked as passive, active or external
to indicate how they are to be treated:
- active
- Are willing to exchange RIP (Routing Information Protocol) packets; they're treated like network interfaces.
- passive
- Aren't expected to exchange routing information.
- external
- Are to be considered passive.
Another routing process will install such a route if necessary,
and other routes to that destination shouldn't be installed by routed.
Each entry is contained on a single line.
Blank lines and lines starting with a pound sign (#) are treated as comments.
An entry may specify user preferences (see
"Other parameter settings"),
or it can indicate whether the route is to a network or a specific host using one of the following formats:
net Nname[/mask] gateway Gname metric value <passive|active|extern>
host Hname gateway Gname metric value <passive|active|extern>
- Gname
- Name or address of the gateway to which RIP (Routing Information Protocol) responses should be forwarded.
- Hname or Nname
- Name of the destination network or host.
It may be a symbolic network name (as used in /etc/hosts or /etc/networks)
or an Internet address specified in the conventional "." (dot) notation using the
inet_network() routine from the internet address manipulation functions, inet_*().
If it's a symbolic network name, then it must either be defined in /etc/networks or /etc/hosts,
or named must be started before routed.
- mask
- Optional number, between 1 and 32, that indicates the netmask associated with Nname.
- value
- The hop count to the destination host or network.
- active
- Send RIP responses to the distant active gateway.
As long as the gateway is active, information about it is maintained in the internal routing tables,
and will be included with any routing information transmitted through RIP.
If the gateway doesn't respond for a period of time, the associated route is deleted
from the internal routing tables and the RIP responses are advertised via other interfaces.
If the distant gateway resumes sending RIP responses, the associated route is restored.
Such gateways can be useful on media that don't support broadcasts or multicasts
but otherwise act like classic shared media such as Ethernets; some ATM networks are an example.
One can list all RIP routers reachable on the HIPPI or ATM network in
/etc/gateways
with a series of "host" lines.
Note that it's usually desirable to use RIPv2 in such situations to avoid generating lists of inferred host routes.
- passive
- Don't exchange RIP (Routing Information Protocol) information.
Mark the interface as not to be advertised in updates sent via other interfaces,
and turn off all RIP and router discovery through the interface.
Routes through passive gateways are installed in the kernel's
routing tables once at startup and aren't included in transmitted RIP responses.
- extern
- Inform the routed daemon that another routing process
will install such a route and that alternative routes to that destination shouldn't be installed
by routed.
Information about external gateways is not maintained in the internal routing tables and
isn't transmitted through RIP.
Such entries are only required when both routers may learn of routes to the same destination.
When debugging is turned on with -T, these lines create pseudo-interfaces.
When setting parameters for remote or external interfaces, you should start the lines with:
if=alias(Hname), or
if=remote(Hname), etc.
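A minimal validator for the two entry formats above, added here as an example (it is not routed's own parser). It assumes every field shown in the formats is present and leaves names unresolved, since they may be symbolic; the sample entries are constructed.

```python
# Constructed sample entries (addresses are from documentation ranges).
SAMPLE = """\
# distant gateways
net 198.51.100.0/24 gateway 192.0.2.1 metric 2 passive
host 203.0.113.7 gateway 192.0.2.1 metric 1 active
net 198.51.100.0/40 gateway 192.0.2.1 metric 2 passive
host 203.0.113.8 gateway 192.0.2.2 metric x extern
if=en0 no_rdisc
"""

TYPES = ("passive", "active", "extern")

def parse_routes(text):
    """Return (entries, errors) for the net/host lines; other lines are skipped."""
    entries, errors = [], []
    for n, line in enumerate(text.splitlines(), 1):
        f = line.split()
        if not f or f[0] not in ("net", "host"):
            continue  # blank line, comment, or parameter-setting line
        if len(f) != 7 or f[2] != "gateway" or f[4] != "metric":
            errors.append((n, "expected: net|host NAME gateway GNAME metric VALUE TYPE"))
            continue
        dest, _, mask = f[1].partition("/")
        if mask and (f[0] == "host" or not mask.isdigit() or not 1 <= int(mask) <= 32):
            errors.append((n, "mask is only valid on net lines and must be 1-32"))
        elif not f[5].isdigit():
            errors.append((n, "metric must be a numeric hop count"))
        elif f[6] not in TYPES:
            errors.append((n, "type must be passive, active or extern"))
        else:
            entries.append({"line": n, "kind": f[0], "dest": dest,
                            "mask": int(mask) if mask else None,
                            "gateway": f[3], "metric": int(f[5]), "type": f[6]})
    return entries, errors

if __name__ == "__main__":
    ok, bad = parse_routes(SAMPLE)
    for e in ok:
        print(e)
    for n, msg in bad:
        print(f"line {n}: {msg}")
```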
Lines that don't start with net or host
must consist of one or more of the following parameter settings, separated by commas or blanks:
- bcast_rdisc
- Specify that Router Discovery packets should be broadcast instead of multicast.
- fake_default=metric
- Identical effect to the following with the network and mask coming from the specified interface:
-F net[/mask][=metric]
- if=ifname
- Indicate that the other parameters on the line apply to the interface name ifname.
- md5_passwd=XXX|KeyID[start|stop]
- Specify a RIPv2 MD5 password.
This keyword is similar to passwd, except that a KeyID is required.
- no_ag
- Turn off collection (aggregation) of subnets in RIPv1 and RIPv2 responses.
- no_rdisc
- Disable the Internet Router Discovery Protocol.
- no_rdisc_adv
- Disable the transmission of Router Discovery Advertisements.
- no_rip
- Disable all RIP processing on the specified interface.
If no interfaces are allowed to process RIP packets, routed acts purely as a router discovery daemon.
Note that turning off RIP without explicitly turning on router
discovery advertisements with rdisc_adv or -s causes routed to
act as a client router discovery daemon, not advertising.
- no_rip_mcast
- Cause RIPv2 packets to be broadcast instead of multicast.
- no_ripv1_in
- Ignore RIPv1 received responses.
- no_solicit
- Disable the transmission of Router Discovery Solicitations.
- no_super_ag
- Turn off the collection of networks into supernets in RIPv2 responses.
- passwd=XXX[|KeyID[start|stop]]
- Specify a RIPv2 cleartext password that'll be included in all RIPv2 responses sent,
and checked in all RIPv2 responses received.
Any blanks, tab characters, commas, or #, |, or NULL characters in the password
must be escaped with a backslash (\).
The common escape sequences \n, \r, \t, \b, and \xxx have their usual meanings.
The KeyID must be unique but is ignored for cleartext passwords.
If present, start and stop are timestamps in the form year/month/day@hour:minute.
They specify when the password is valid.
The valid password whose validity extends furthest into the future is used on output packets, unless all passwords have expired,
in which case the password that expired most recently is used, or unless no passwords are valid yet,
in which case no password is output.
Incoming packets can carry any password that's valid, will be valid within 24 hours, or was valid within the last 24 hours.
To protect the secrets, the passwd settings are valid only in the /etc/gateways file and
only when that file is readable only by root.
- pm_rdisc
- Similar to fake_default.
When RIPv2 routes are multicast, so that RIPv1 listeners cannot receive them,
this feature causes a RIPv1 default route to be broadcast to RIPv1 listeners.
Unless modified with fake_default, the default route is broadcast with a metric of 14.
That serves as a "poor man's router discovery" protocol.
- rdisc_adv
- Specify that Router Discovery Advertisements should be sent,
even on point-to-point links, which by default only listen to Router Discovery messages.
- rdisc_interval=N
- Set the nominal interval with which Router Discovery Advertisements
are transmitted to N seconds and their lifetime to 3*N.
- rdisc_pref=N
- Set the preference in Router Discovery Advertisements to the optionally signed integer N
(default preference is 0).
Default routes with smaller or more negative preferences are preferred by clients.
- redirect_ok
- Cause RIP to allow ICMP Redirect messages when the system is acting as a router and forwarding packets.
Otherwise, ICMP Redirect messages are overridden.
- ripv1_mask=nname/mask1,mask2
- Specify that the netmask of the network,
of which nname/mask1 is a subnet, should be mask2.
For example, ripv1_mask=192.0.2.16/28,27
marks 192.0.2.16/28
as a subnet of 192.0.2.0/27
instead of 192.0.2.0/24.
It's better to turn on RIPv2 with ripv2_out, instead of using this facility.
- ripv2
- Enable RIPv2. It's equivalent to no_ripv1_in and no_ripv1_out.
- ripv2_out
- Turn on RIPv2 output and cause RIPv2 advertisements to be multicast when possible.
- send_solicit
- Specify that Router Discovery solicitations should be sent,
even on point-to-point links,
which by default only listen to Router Discovery messages.
- subnet=nname[/mask][,metric]
- Advertise a route to network nname with mask mask and the supplied metric (default is 1).
This parameter must appear by itself on a line.
The network number must specify a full, 32-bit value, as in 192.0.2.0 instead of 192.0.2.
Although this feature may be useful for filling "holes" in CIDR allocations,
it's a dangerous feature and shouldn't be used unless necessary.
- trust_gateway=rname[|net1/mask1|net2/mask2|...]
- Cause RIP packets from that router and other routers named in other trust_gateway keywords to be accepted,
and packets from other routers to be ignored.
If networks are specified, then routes to other networks will be ignored from that router.
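A review script for the parameter-setting lines described above, added here as an example (it is not part of routed). The finding names, the sample lines and the per-line RIPv1 check are assumptions of this example; the file's mode and owner are passed in so the check runs without touching /etc/gateways.

```python
import re
import stat

# Constructed sample parameter lines (interface names and secrets are made up).
SAMPLE = """\
# RIP settings
if=en0 passwd=s3cret\\,x|1 ripv2_out
if=en1 md5_passwd=k3y|7 no_ripv1_in
subnet=203.0.113.0/24,2
"""

# Settings are separated by commas or blanks; a backslash escapes the next character.
TOKEN = re.compile(r"(?:\\.|[^\s,\\])+")

def settings(text):
    """Yield (line number, {keyword: value}) for each parameter-setting line."""
    for n, line in enumerate(text.splitlines(), 1):
        s = line.strip()
        if s and not s.startswith("#") and s.split()[0] not in ("net", "host"):
            yield n, dict(t.partition("=")[::2] for t in TOKEN.findall(s))

def audit(text, mode, uid):
    """Return (line, finding) pairs; line 0 means the finding applies to the whole file."""
    found, trusted = [], False
    # The passwd settings are honoured only when the file is readable only by root.
    exposed = uid != 0 or bool(mode & (stat.S_IRGRP | stat.S_IROTH))
    for n, p in settings(text):
        trusted |= "trust_gateway" in p
        if "passwd" in p:
            found.append((n, "cleartext RIPv2 password, included in every response"))
        if exposed and ("passwd" in p or "md5_passwd" in p):
            found.append((n, "secret in a file that is not readable only by root"))
        if "subnet" in p:
            found.append((n, "subnet= in use; documented as dangerous"))
        # Heuristic (assumption): judge each if= line on its own keywords.
        if "if" in p and "no_rip" not in p and not p.keys() & {"ripv2", "no_ripv1_in"}:
            found.append((n, "RIPv1 responses still accepted on " + p["if"]))
    if not trusted:
        found.append((0, "no trust_gateway: RIP packets accepted from any router"))
    return found

if __name__ == "__main__":
    for line, finding in audit(SAMPLE, mode=0o644, uid=0):
        print(line, finding)
```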
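The start and stop rules given under passwd, worked through for a key rollover as an added example (not routed's code). It assumes four-digit years and models each key as a (KeyID, start, stop) tuple; the case where some keys have expired and others are not yet valid is not spelled out above and is treated here as "use the most recently expired".

```python
from datetime import datetime, timedelta

FMT = "%Y/%m/%d@%H:%M"        # year/month/day@hour:minute
GRACE = timedelta(hours=24)   # acceptance window on either side of validity

def make_key(key_id, start, stop):
    """Build a (KeyID, start, stop) tuple from two timestamp strings."""
    return (key_id, datetime.strptime(start, FMT), datetime.strptime(stop, FMT))

def output_key(keys, now):
    """KeyID of the password sent at time `now`, or None if none is sent."""
    valid = [k for k in keys if k[1] <= now <= k[2]]
    if valid:                      # the valid key with the most future
        return max(valid, key=lambda k: k[2])[0]
    expired = [k for k in keys if k[2] < now]
    if expired:                    # fall back to the most recently expired key
        return max(expired, key=lambda k: k[2])[0]
    return None                    # no key is valid yet

def accepted_keys(keys, now):
    """KeyIDs that a received packet may carry at time `now`."""
    return [k[0] for k in keys if k[1] - GRACE <= now <= k[2] + GRACE]

# Constructed schedule: key 1 covers January 2024, key 2 covers February 2024.
KEYS = [make_key(1, "2024/01/01@00:00", "2024/02/01@00:00"),
        make_key(2, "2024/02/01@00:00", "2024/03/01@00:00")]

if __name__ == "__main__":
    for stamp in ("2023/12/01@00:00", "2024/01/31@12:00", "2024/03/05@00:00"):
        now = datetime.strptime(stamp, FMT)
        print(stamp, "send:", output_key(KEYS, now), "accept:", accepted_keys(KEYS, now))
```

The last sample time shows the operational hazard: once every key is more than 24 hours past its stop time, the sender still emits the expired password while receivers no longer accept it.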
routed,
rtquery